6.5 Ensure Audit Logging Is Enabled


Audit logging is not really included in the Community Edition of MySQL - only the general log. Using the general log is possible, but not practical, because it grows quickly and has an adverse impact on server performance.

Nevertheless, enabling audit logging is an important consideration for a production environment, and third-party tools do exist to help with this. Enable audit logging for

Interactive user sessions

Application sessions (optional)


Audit logging helps to identify who changed what and when. The audit log might be used as evidence in investigations. It might also help to identify what an attacker was able to accomplish.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


Acquire a third-party MySQL logging solution as available from a variety of sources including, but not necessarily limited to, the following:

The General Query Log

MySQL Enterprise Audit

MariaDB Audit Plugin for MySQL

McAfee MySQL Audit

See Also


Item Details


References: 800-53|AU-2, 800-53|AU-7, 800-53|AU-12, CSCv7|6.2

Plugin: MySQLDB

Control ID: b5ca7b15048629c9c25cf6a9321fcc3c232f4b8b9d77986d583f0e83098d6705